Top spook: ISP black boxes NOT key to UK's web-snoop plan

We fully expect Google, Facebook and Twitter to hand over your data

Government-funded black boxes that monitor the UK's internet traffic are not "the cornerstone" of the Home Office's web super-snoop plan, a top spook has told MPs and peers.

Ex-MI6 man Charles Farr, who heads up the Office for Security and Counter-Terrorism, dismissed claims that Deep Packet Inspection (DPI) probes are the "central plank" of the government's Communications Data Bill currently being scrutinised by Parliament.

Instead, he insisted that cooperation with communications service providers (CSPs) such as Google and Facebook was key to the proposed surveillance legislation.

Police, spooks and the taxman - among other authorities - would need to use packet-capturing black boxes when CSPs declined to provide access to communications data where it is suspected that criminal activity has taken place, said Farr.

"We could in theory accept that there is a communication service used by criminals where we cannot access any data. But that is not the view of this government," he said, speaking at a committee meeting of the politicos on Tuesday afternoon.

If CSPs refuse to provide those authorities with access to such data, a black box would be placed on a network where such information could be hoovered up.

Farr [pictured centre]: 'I dunno. A black box is about this big, I guess'

Farr added that in those instances the security services would work with ISPs to develop the technology and the telco would store the data.

Interestingly, the government's Director of Communications Capability Directorate Richard Alcock appeared to indicate that the likes of Google, Twitter and Facebook would be expected to retain unencrypted data on their systems.

All of those CSPs - whose cooperation Farr had earlier described as a "patchwork quilt" - are not only headquartered overseas but have also each implemented the Secure Sockets Layer (SSL) protocol on their services.

Up until yesterday, it was unclear how spooks could intercept traffic when such websites transmit individual user sessions over encrypted SSL channels.

"Through the bill we'll only be able to access communications data. CSPs will hold unencrypted data on their systems, we'll need to work with them," Alcock said.

"It's very easy to separate content from communications data," he added before offering reassurance to the committee of politicos by saying "we won't be applying systems that cannot reliably do that".

Peter Hill - the Head of Unit for Pursue Policy and Strategy Unit at the Home Office - stressed at the meeting that many CSPs were only too happy to cooperate. The reason for the new legislation, he added, was that "the data that we need is not available rather than that it's not being shared with us".

Farr described the discussions his office has had with CSPs as "constructive". He said: "Those providers understand there is an issue, they want to help to address it but they want a legal process to support it."

On the issue of DPI, Alcock said black boxes were already "used as a matter of course" by ISPs.

"It's possible to use that existing kit to establish the who, where and when," he said before repeating that "if we cannot reliably extract comms data by that route then we won't do it".

Farr had earlier defended Home Secretary Theresa May's draft communications bill - dubbed a snoopers' charter - by saying that clarity was needed about what data providers should retain. He said a "technical problem" existed with the current Data Retention Directive (DRD) and the Regulation of Investigatory Powers Act (RIPA).

"The lack of data is then compounded by a legal problem because the DRD is not clear about what information should be retained," he said.